Bacula Encryption - Design

This document serves as a centralized collection of ideas and thoughts concerning the
design of encryption for the Bacula project.

Project Scope

This is a proof of concept project. We will be keeping things simple.
The goal is to get encryption working, and working well, then look at adding
features.

Our goal is merely to encrypt the data being backed up. Encrypting or securing
the traffic between daemons is outside our scope.

We take the approach that data must be encrypted at the Client (i.e. the File
Daemon, bacula-fd). Our initial testing will be such that it does not require
modification of anything other than bacula-fd.

Encryption choices

Initial testing will use a simple XOR method for encrypting the file. This allows
us to concentrate on getting the code right, rather than on the encryption methods.
Eventually, we plan to make use of public key encryption. It will

To encrypt or not encrypt

We take the approach that the decision to encrypt or not encrypt is the decision
of the File Daemon. Therefore, any configuration items associated with
encryption will be on the Client.

Encryption will either be on or off and will be decided at startup time.

When restoring, the Client will need to know whether the backup was
originally encrypted. For our testing,
the Client will assume that everything is to be encrypted at backup and decrypted
during the restore. Eventually, we will need to add new stream identifiers to
designate that a given stream is encrypted. We might need to identify the
encryption method and key fingerprint within the backup.
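
A sketch of the stream tagging described above, as an added example that is not Bacula code: a per-stream header records whether the data is encrypted, the method, and the key fingerprint, so restore can decide what to do instead of assuming. The identifiers, header layout, 8-byte fingerprint and function names are all hypothetical, and XOR stands in as the test-only method named under "Encryption choices".

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical stream identifiers and method codes; not Bacula's real values. */
enum { EX_STREAM_PLAIN = 1, EX_STREAM_ENCRYPTED = 2 };
enum { EX_METHOD_XOR = 1 };            /* the design's test-only placeholder */
#define EX_FP_LEN 8                    /* assumed fingerprint length */

/* Hypothetical header written ahead of each stream's data. */
struct ex_stream_hdr {
    uint8_t stream_id;                 /* plain or encrypted */
    uint8_t method;                    /* which method produced the data */
    uint8_t key_fp[EX_FP_LEN];         /* fingerprint of the key used (supplied by caller) */
};

/* XOR is its own inverse, so one routine serves backup and restore. */
static void ex_xor(uint8_t *buf, size_t len, const uint8_t *key, size_t klen) {
    for (size_t i = 0; i < len; i++) buf[i] ^= key[i % klen];
}

/* Backup side: encrypt in place and fill in the header. 0 = ok, -1 = bad key. */
int ex_backup(struct ex_stream_hdr *h, uint8_t *buf, size_t len,
              const uint8_t *key, size_t klen, const uint8_t *fp) {
    if (klen == 0) return -1;
    h->stream_id = EX_STREAM_ENCRYPTED;
    h->method = EX_METHOD_XOR;
    memcpy(h->key_fp, fp, EX_FP_LEN);
    ex_xor(buf, len, key, klen);
    return 0;
}

/* Restore side: 0 = ok, -1 = unknown stream/method or bad key, -2 = wrong key. */
int ex_restore(const struct ex_stream_hdr *h, uint8_t *buf, size_t len,
               const uint8_t *key, size_t klen, const uint8_t *fp) {
    if (h->stream_id == EX_STREAM_PLAIN) return 0;        /* nothing to undo */
    if (h->stream_id != EX_STREAM_ENCRYPTED || h->method != EX_METHOD_XOR) return -1;
    if (klen == 0) return -1;
    if (memcmp(h->key_fp, fp, EX_FP_LEN) != 0) return -2; /* refuse rather than garble */
    ex_xor(buf, len, key, klen);
    return 0;
}

int main(void) {                       /* round trip over constructed sample data */
    uint8_t key[] = {0x5a, 0xa5}, fp[EX_FP_LEN] = {1, 2, 3, 4, 5, 6, 7, 8};
    uint8_t buf[] = "constructed";
    struct ex_stream_hdr h;
    if (ex_backup(&h, buf, sizeof buf, key, sizeof key, fp) != 0) return 1;
    return (ex_restore(&h, buf, sizeof buf, key, sizeof key, fp) == 0 &&
            memcmp(buf, "constructed", sizeof buf) == 0) ? 0 : 1;
}
```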